Module: KubesAws::IamRole::Prebaked

Included in:
KubesAws::IamRole
Defined in:
lib/kubes_aws/iam_role/prebaked.rb

Instance Method Summary collapse

Instance Method Details

#prebaked_policiesObject 



3
4
5
6
7
 
# File 'lib/kubes_aws/iam_role/prebaked.rb', line 3

def prebaked_policies
  {
    secrets_read_only: secrets_read_only
  }
end

#secrets_read_onlyObject 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/kubes_aws/iam_role/prebaked.rb', line 9

def secrets_read_only
  {
    policy_document: {
      Version: "2012-10-17",
      Statement: {
        Effect: "Allow",
        Action: [
          "secretsmanager:Describe*",
          "secretsmanager:Get*",
          "secretsmanager:List*"
        ],
        Resource: "*"
      }
    },
    policy_name: "SecretsReadOnly",
  }
end